AMENDMENT TO THE CLAIMS:

1. (Previously Amended) A method for providing security in a computer system,
comprising:

controlling access to selected information using attributes defined in a first table;
controlling access to the selected information using a second table that associates at least
one of a read and write privilege with one or more physical addresses of a
memory that houses the selected information
receiving a request from a program to access the information; and
allowing access to the information in response to determining that the program has the
authority to access the information based on at least one of the read and write
privilege.

2. (Previously Amended) The method of claim 1, wherein controlling access to the 
selected information based on the privilege comprises: 

indicating in the second table that the memory housing the information is at least one of 
read and write disabled. 

3. (Previously Amended) The method of claim 2, wherein the second table is a 
bitmap based on physical addresses of the memory. 

4. (Original) The method of claim 1, wherein the program is an operating system. 

5. (Previously Amended) The method of claim 1, wherein the selected information
is at least one of interrupt descriptor table, global descriptor table, and local descriptor table. 

6. (Previously Amended) The method of claim 1, wherein allowing access to the 
information in response to determining that the program has the authority to access the 
information includes using a stack in the computer system to verify the identity of the program. 

7. (Original) A method for providing security, comprising:

writing to at least one register to define a privileged memory region;
defining at least one computer instruction as a privileged instruction, wherein the
privileged instruction is resident in the privileged memory region;
identifying information for protection;
indicating at least one physical address of a memory that houses the information as at
least one of read and write disabled; and
controlling the access to the information using the privileged instruction.

8. (Original) The method of claim 7, further including writing to a second register, 
wherein the first and second registers define the privileged memory region. 

9. (Original) The method of claim 7, wherein indicating at least one physical 
address of the memory includes: 

generating a table based on the physical addresses of the memory; and 
indicating in the table that the memory housing the information is at least one of read and
write disabled. 

10. (Original) The method of claim 7, wherein the information is at least one of 
interrupt descriptor table, global descriptor table, and local descriptor table. 

11. (Previously Amended) A computer readable program storage device encoded 
with instructions that, when executed by a computer, performs a method of providing security, 
comprising: 

protecting selected information using a first level of security specifying access privileges
to the selected information;
protecting the information using a second level of security that associates at least one of a
read and write privilege with one or more physical addresses of a memory that
houses the selected information;
receiving a request from a program to access the selected information; and
accessing the information in response to determining that the program has the authority to
access the selected information based at least on the second security level.

12. (Original) The computer readable program storage device of claim 11, wherein 
indicating at least one physical address of the memory includes: 

generating a table based on the physical addresses of the memory; and 
indicating in the table that the memory housing the information is at least one of read and 
write disabled. 

13. (Previously Amended) The computer readable program storage device of claim
12, wherein the table includes an entry specifying access rights to the selected information based
on one or more programs desiring to access the selected information.

14. (Original) The computer readable program storage device of claim 11, wherein 
the information is at least one of interrupt descriptor table, global descriptor table, and local 
descriptor table. 

15. (Previously Amended) An apparatus, comprising: 
a memory comprising; 

a first level of protection specifying access privileges for selected information; and 
a privileged code, the privileged code capable of: 

protecting access to the selected information based on a second level of protection 
in which at least one of a read and write privilege is associated with the 
physical address of a memory housing the information; 
receiving a request from a program to access the information; and 
allowing access to the information in response to determining that the program 
has the authority to access the information based on at least one of the read 
and write privilege. 

16. (Original) The apparatus of claim 15, wherein the privileged code capable of
indicating at least one physical address of the memory includes the privileged code being capable 
of: 

generating a table based on the physical addresses of the memory; and 
indicating in the table that the memory housing the information is at least one of read and 
write disabled. 

17. (Original) The apparatus of claim 15, wherein the program is an operating
system.

18. (Original) The apparatus of claim 15, wherein the information is at least one of 
interrupt descriptor table, global descriptor table, and local descriptor table. 

19. (Previously Amended) A system, comprising: 
a processor; and 

a memory coupled to the processor, the memory comprising: 
a table specifying access privileges for selected information; and 
a privileged code capable of: 

protecting access to the selected information based a second table specifying 
association of at least one of a read and write privilege with at least one 
physical address of a memory housing the information; 
receiving a request from a program to access the information; and 
allowing access to the information in response to determining that the program
has the authority to access the information based on at least one of the read
and write privilege.

20. (Original) The system of claim 19, wherein the privileged code capable of 
indicating at least one physical address of the memory includes the privileged code being capable 
of: 

generating a table based on the physical addresses of the memory; and 
indicating in the table that the memory housing the information is at least one of read and 
write disabled. 

21. (Original) The system of claim 19, wherein the program is an operating system. 

22. (Original) The system of claim 19, wherein the information is at least one of 
interrupt descriptor table, global descriptor table, and local descriptor table. 

23. (Original) The system of claim 19, wherein the processor is an x86 processor. 

24. (Previously Amended) An apparatus for providing security, comprising:

means for providing a first table of at least write protection for selected information;
means for providing a second table of at least one of read and write protection for the
selected information associated with one or more physical addresses of a memory
that houses the selected information;
means for receiving a request from a program to access the information; and
means for allowing access to the information in response to determining that the program
has the authority to access the information based on at least the first and second
tables.